China moots additional security rules for apps that influence public opinion

Country's industry regulator releases draft laws that will require, amongst others, mobile apps providing news to be licensed to do so and those that may influence public opinion to undergo a security assessment.

China has released draft laws that will require, amongst others, mobile apps to be licensed if they provide news and go through a security assessment if they can influence public opinion. They also must adhere to cybersecurity guidelines and not endanger national security. 

The Cyberspace Administration of China (CAC) on Wednesday unveiled proposed legislation to further regulate services provided via mobile apps and ensure these operated alongside the country's other laws, including the Personal Information Protection Law (PIPL) and Data Security Law.

Under the draft laws, operators that provided news services through mobile apps would have to obtain the licence to do so. They also must deliver such services within the scope of the licence and as permitted under the licence. The CAC, however, did not elaborate on what exactly the licence would cover. 

Data assessment, user consent key to compliance with China law

International businesses that process data from China should obtain user consent and establish a data map--specifically looking at cross-border flow and residency--to ensure compliance, even as more clarity is needed on China's Personal Information Protection Law.

Read More

Operators of apps that provided news, instant messaging, and other related services must require their users to register based on their mobile number and identification card number. Users who refused to do so or who used fraudulent identification data should not be permitted to use the app. 

App operators were expected to put in place the necessary mechanisms and tools to manage user registration and accounts as well as review information and monitor usage. Registered users who breached service agreements and laws must be issued warnings and access restricted or blocked, where necessary. 

In addition, mobile app operators that introduced technologies and functions that could potentially influence public opinion or mobilise the population, must carry out security assessments according to specifications laid out by CAC. The government agency, though, did not provide details on what these might entail. 

Operators also should not use their apps to facilitate activities that were illegal and that endangered national security or disrupted social cohesion. 

They must further comply with requirements stipulated in the country's cybersecurity law. Should they uncover security flaws or other risks in their mobile app, they must take immediate steps to plug the security holes and notify users in a timely fashion. The relevant authorities also should be notified of the security flaw. 

If passed, the draft legal framework would apply to various media including text, picture, voice, and video, and information platforms delivered via the mobile app, including instant messaging, FAQs, and community forums. 

CAC said public feedback on the proposed law would close on January 20. It added that the regulation was slated to be passed later this year. 

The draft laws are the latest in China's efforts to stem what the government perceives as problems within the digital economy, such as poor management of personal data.

CAC last May called out 33 mobile apps for collecting more user data than it deemed necessary to offer their service. CAC said these companies, which included Baidu and Tencent Holdings, had breached local regulations and gathered personal information without consent from their users. 

RELATED COVERAGE

Show Comments